News

APIs and hardware are under attack, and the numbers don’t look good

2025-09-24 at 08:35 By Sinisa Markovic

Attackers have a new favorite playground, and it’s not where many security teams are looking. According to fresh data from Bugcrowd, vulnerabilities in hardware and APIs are climbing fast, even as website flaws hold steady. The shift […]


Nosey Parker: Open-source tool finds sensitive information in textual data and Git history

2025-09-24 at 08:10 By Anamarija Pogorelec

Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other


A look inside 1,000 cyber range events and what they reveal about AppSec

2025-09-24 at 07:45 By Anamarija Pogorelec

Software powers almost every part of business, which means attackers have more chances than ever to exploit insecure code. A new report from CMD+CTRL Security looks at how teams are building their defenses through cyber range


Building AI responsibly from day one

2025-09-24 at 07:45 By Help Net Security

In this Help Net Security video, David Hardoon, Global Head of AI Enablement at Standard Chartered, discusses the role of ethics and safety in AI development. He explains why principles like fairness, accountability, and transparency must be built into AI systems from


U.S. Secret Service takes down network of devices threatening government officials

2025-09-23 at 16:48 By Sinisa Markovic

The U.S. Secret Service has broken up a network of electronic devices spread across the New York tristate area that officials say posed an imminent threat to national security. The devices were being used to launch telecommunications attacks


SonicWall adds rootkit removal capabilities to the SMA 100 series

2025-09-23 at 16:24 By Zeljka Zorz

SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is the OVERSTEP user-mode rootkit, deployed by threat group UNC6148. The


Cybercriminals are going after law firms’ sensitive client data

2025-09-23 at 10:47 By Sinisa Markovic

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been more at risk. Cybercriminals are targeting law firms by exploiting vulnerabilities, weak passwords, outdated systems, and


Review: Practical Purple Teaming

2025-09-23 at 10:47 By Mirko Zorz

Practical Purple Teaming is a guide to building stronger collaboration between offensive and defensive security teams. The book focuses on how to design and run effective purple team exercises that improve detection and response and strengthen trust between teams.

About the author

Alfie Champion is


Gartner: Preemptive cybersecurity to dominate 50% of security spend by 2030

2025-09-23 at 08:09 By Help Net Security

By 2030, preemptive cybersecurity solutions will account for 50% of IT security spending, up from less than 5% in 2024, replacing standalone detection and response (DR) solutions as the preferred approach to defend against cyberthreats, according to


Cybersecurity jobs available right now: September 23, 2025

2025-09-23 at 08:09 By Anamarija Pogorelec

Application Security Engineer
PayPal | USA | On-site

As an Application Security Engineer, you will apply security best practices to enhance and optimize systems, ensuring protection and efficiency, while beginning to understand and align security solutions with


High-impact IT outages cost businesses $2 million per hour

2025-09-23 at 08:09 By Anamarija Pogorelec

The financial stakes of downtime are climbing, and IT leaders are being pushed to rethink how they monitor complex systems. According to the 2025 Observability Forecast from New Relic, the median cost of a high-impact outage has reached $2 million


Malicious GitHub pages lure MacOS users into installing Atomic infostealer

2025-09-22 at 17:52 By Zeljka Zorz

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread


Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)

2025-09-22 at 14:20 By Zeljka Zorz

If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-2025-10035.

About CVE-2025-10035

CVE-2025-10035 is a critical deserialization


How Juventus protects fans, revenue, and reputation during matchdays

2025-09-22 at 10:29 By Mirko Zorz

In this Help Net Security interview, Mirko Rinaldini, Head of ICT at Juventus Football Club, discusses the club’s approach to cyber risk strategy. Juventus has developed a threat-led, outcomes-driven program that balances innovation with protections across matchdays, e-commerce, and digital


Cybersecurity AI (CAI): Open-source framework for AI security

2025-09-22 at 10:29 By Anamarija Pogorelec

Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use AI


Kubernetes matures as AI and GitOps reshape operations

2025-09-22 at 08:09 By Anamarija Pogorelec

Kubernetes has moved well past its early adoption phase. The new Komodor 2025 Enterprise Kubernetes Report shows that technical teams are shifting their focus from running containers to managing a growing mix of AI workloads and advanced automation practices like GitOps.


AI needs ethics to avoid real-world harm

2025-09-22 at 08:09 By Help Net Security

In this Help Net Security video, Brittany Allen, Senior Trust and Safety Architect at Sift, explores how the rise of AI agents is creating new fraud risks. She explains how these agents, while designed to assist users, can unintentionally help fraudsters


OpenID Foundation sets new standards for real-time security event sharing

2025-09-22 at 08:09 By Help Net Security

The OpenID Foundation (OIDF) has approved three Final Specifications, establishing the first global standards for real-time security event sharing across digital identity systems. The approved Final Specifications are: OpenID Shared Signals Framework 1.0 – Enables secure, real-time delivery


Week in review: Chrome 0-day fixed, npm supply chain attack, LinkedIn data used for AI

2025-09-21 at 11:06 By Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:

Most enterprise AI use is invisible to security teams

Most enterprise AI activity is happening without the knowledge
